Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 19.3-19.22 and 21.3-21.13. Easily exploitable vulnerability allows high privileged attacker having SYSDBA privilege with network access via Oracle Net to compromise Unified Audit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Unified Audit accessible data. CVSS 3.1 Base Score 4.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N).
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.oracle.com/security-alerts/cpuapr2024.html |
History
Tue, 19 Nov 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: oracle
Published: 2024-04-16T21:26:17.684Z
Updated: 2024-11-19T21:09:41.908Z
Reserved: 2023-12-07T22:28:10.662Z
Link: CVE-2024-21058
Vulnrichment
Updated: 2024-08-01T22:13:42.352Z
NVD
Status : Awaiting Analysis
Published: 2024-04-16T22:15:23.570
Modified: 2024-11-19T21:35:04.083
Link: CVE-2024-21058
Redhat
No data.